Manage Your Passwords Online

You can’t trust any online companies with your personal information. The technology is vulnerable to threats. An encryption flaw like Heartbleed affected countless popular websites like Gmail, Facebook, and LinkedIn. They’re all big companies with hundred of talented software engineers, yet even they can’t discover the flaw in their encryption.

If big companies with hundred of engineers can’t prevent your password from being breached, what makes you think other smaller companies can?

You definitely have more than twenty online accounts. They’re your online identities. Anyone who can gain access to your online identity can impersonate you and swindle your family, spouse, and friends. That’s why it’s important to manage your passwords seriously to prevent these incidents from happening.

Before we take actions to secure your passwords online, let’s take a look at the common mistakes most people make when they’re making and storing passwords.

1. Using the same password for all accounts. The common misconception is believing that one strong password can secure your online accounts.

Isn’t it easy to remember only one password and can access your online accounts everywhere? Not until your password leaks and you have to change forty online accounts with a new password.

If you’re an online professional, you want to keep them safe. Be a professional and secure them.

2. Believe a short complex password is a strong password. Most people confuse password complexity with password strength. Here is a comparison of these two type of passwords:

Complex Password: w78^DsFz&*)

Strong Password: theDonkeykongeats25bananas

3. Tell other people their passwords. It’s a horrible mistake to tell other people, whether they’re close friends or family members, your password. If you have to tell them your password under certain circumtances, make sure to change it later.

It’s not that you don’t trust them, but you want to prevent yourself from suspecting them when your accounts are breached.

4. Store password in plain text. So you’re using different password for each website. You use password generator and store them neatly in a plain text, or the sophisticated spreadsheet with the username, registered email address, and password.

Perfect! Except that you‘re storing them all in plain text.

t means others can view these passwords when they gain access to your spreadsheet — no more password is required. Furthermore, the server scheduled backup keeps the record of the data, thus increases the risk of your password being exposed to irresponsible third parties.

4 Action Steps to Secure Your Passwords

We’ve talked about the common mistakes people make when managing their passwords online, now I’m going to share the actions steps you can take to simplify the process of organizing your passwords.

1. Use a password manager

A well-designed password manager solves two problems: organization and encryption. You might find it bothersome to run an app to find out your password for different account, but considering the security you get from being cautious, password manager solves more than just organization and encryption problem.

Password manager these days are now integrated with web browsers. It means you can unlock the password manager and sign into your favorite websites witout having to enter any single password — or maybe just your master password.

When it comes to password manager, I only have one recommendation. It’s 1Password. It’s available on Mac, Windows, iPhone, iPad, and Android. Check it out if you haven’t used any password manager.

2. Answer the secret questions randomly

Don’t use real answers for the so-called secret questions. Figuring out your personal information is much easier with Facebook, LinkedIn, and Google. “Where is your hometown” is no longer a question to protect your accounts. It’s the one way ticket to send your account to the irresponsible parties.

Instead, answer with nonsenses. Where is your hometown? Use “Bikini Bottom” as an answer, or just type any combination of words like “The Terminator of Mars“. These information are unavailable online. They won’t be able to guess the secret answers.

1Password lets you attach notes and files into your accounts. I prefer to save the secret questions inside the note field so whenever I need to view these secret questions, I simply search for related login items.

3. Have three (strong) master passwords

Create a strong memorable master password for these three accounts: Apple ID, Dropbox, and 1Password.

This setup prevents thieves, even after gaining access to your Mac, from viewing your passwords. The same thing applies for the Dropbox account. Because Dropbox’s password is different, you’re the only one that can revoke the access to the stolen Mac and open 1PasswordAnywhere in Dropbox.

We measure the strength of password by entropy. Whenever I talk about entropy, I simply send people to this comic on xkcd.

In other words, long memorable password is stronger than short complex password.

Use a combination of common words that are absurd and funny to create a password. There is no exact pattern of how you create a password, but I find it’s easier expand the password from characters, stories, or events. Divide the long password into two section with the combination of capital letters and number as separator. It helps you to memorize the password, and also fulfill some of the password requirements (using capital letter and number) in some sites. Here’s a few example.

grumpy duck No24 wears blue hat

smart mouse No24 wears red pant

genius philanthropist No24 makes iron suits

Another benefit of expanding a story into password is you can use them in the hint section. Forget your password? Try Donald Duck.

4. Make it accessible anywhere

It’s possible to take your password everywhere with 1PasswordAnywhere — a feature that lets you decrypt and view your passwords even when you’re away from Mac. You can store the encrypted data in USB, or host in on Dropbox to keep it accessible online.

Declutter Your Digital Shelf

Passwords are the most important items in your digital shelf. By keeping them in order and safe, you can put all your focus into the tasks you want to do. I hope this article helps you to get started to take control of your passwords, and if you have anyone in your mind who might benefit from this article, please share it with them.

This guide is one of the decluttering digital shelf series to help people stay in control with their digital belonging. You can read the rest of the guide here. You can also subscribe and receive more posts like this every week. More Details »